Creating spamassassin custom rules

To prevent false positves when checking e-mail for spam with spamassassin it can be useful to provide certain text patterns that will/should never appear in spam mails, such as terms related to your business.

Such terms can be scanned to decrease the score value of spamassassin.

Edit /etc/spamassassin/local.cf and add a section like this

rawbody __BECAUSE_TERM /exampletermregex/i
header __BECAUSE_RECIPIENT ALL =~ /myaccount\@domain.tld/i
meta MYTERM_MAILBODY (__BECAUSE_TERM && __BECAUSE_RECIPIENT)
score
MYTERM_MAILBODY -5.0

Here is what happens:

In the first line the body of the mail will be scanned with the regular expression defined by "exampletermregex".

The second lines scan *all* headers of the e-mail for any occurence of e-mail address "myaccount\@domain.tld" - this is a regular expression as well.

The third lines concats the two conditions above. In the forth line the spam score for this e-mail will be decreased by 5 if both conditions are true. That's all!

Another example? Here only the header is scanned. Contains the subject a certain term and is the email address mentioned in the header?

header __BECAUSE_TERM Subject =~ /(term1|term2)/i
header __BECAUSE_
RECIPIENT ALL =~ /account\@domain.tld/i
meta
MYTERM_MAILHEAD (__BECAUSE_RECIPIENT && __BECAUSE_TERM)
score
MYTERM_MAILHEAD -5.0

If you have spamassassin running as a daemon you have to reload it to make the rules work.

Did this worked for you. Just drop a comment.

No comments: